AMENDMENTS 

In the Claims: 

Please amend the claims as indicated hereafter. 

1 . (Currently Amended) A computer system, comprising: 
a display device having a screen for displaying images; and 

a security application defining a list of security rules for locking down resources of said 
computer system, said security application configured to categorize said rules into a plurality of 
categories and to display at least one of said categories on said screen, said security application 
configured to determine which of said rules are associated with said one category in response to a 
selection of said one category by a user of said computer system, said security application 
configured to display on said screen each of said rules associated with said one category in 
response to said selection, said security application further configured to allow said user to enable 
ones of said rules and to cause said computer system to enforce said enabled ones of said rules by 
modifying a machine state of said computer syste m, wherein different ones of said categories 
respectively pertain to different ones of a plurality of applications and wherein said rules are 
categorized such that said one category is assigned only to ones of said rules that affect a particular 
application pertaining to said one category . 

2. (Original) The computer system of claim 1, wherein said computer system further 
comprises memory storing various computer applications, and wherein said security application is 
further configured to determine which computer applications are stored in said memory and to 
display said categories based on a determination by said security application as to which computer 
applications are stored in said memory. 
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3. (Original) The system of claim 1, wherein said one category is displayed on said screen 
by said security application in response to a selection of another category by said user. 

4. (Original) The system of claim 1, wherein said one category is a sub-category of 
another of said categories. 

5. (Currently Amended) A system for locking down resources of computer systems, 
comprising: 

means for defining a list of security rules for locking down resources of a computer system; 
means for categorizing said rules into a plurality of categories; 
means for displaying at least one of said categories; 

means for determining, in response to a selection of said one category, which of said rules 
is associated with said one category; 

means for displaying each of said rules determined by said determining moans to be 
associated with said one category; 

means for enabling ones of said rules based on user inputs; and 

means for enforcing each of said enabled rules^ 

wherein different ones of said categories respectively pertain to different ones of a plurality 
of applications and wherein said categorizing means is configured to assign said one category only 
to ones of said rules that affect a particular application pertaining to said one category . 
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6. (Original) The system of claim 5, further comprising: 
means for storing various computer applications; 

means for identifying which computer applications are stored in said storing means; and 
means for displaying said categories based on which computer applications are identified 
by said identifying means. 

7. (Original) The system of claim 5, further comprising: 
means for selecting another of said categories; and 

means for displaying said one category in response to a selection by said selecting means. 

8. (Original) The system of claim 5, wherein said one category is a sub-category of 
another of said categories . 



9. (Currently Amended) A method for locking down resources of computer systems, 
comprising th e st e ps of : 

defining a list of security rules for locking down resources of a computer system; 
categorizing said rules into a plurality of categories , wherein different ones of the plurality 
of categories pertain to different ones of a plurality of applications ; 
displaying at least one of said categories; 

determining, in response to a selection of said one category, which of said rules is 
associated with said one category; 

displaying each of said rules determined in said d e t e rmining st e p to be associated with said 
one category; 

enabling ones of said rules display e d via said displaying e ach of said rul e s st e p ; and 
enforcing each of said enabled rules based on said enabling^ st e p. 

wherein said categorizing comprises assigning said one category only to ones of said rules 
that affect a particular application pertaining to said one category. 

10. (Currently Amended) The method of claim 9, wherein said computer system has 
memory and said method further comprises th e st e ps of : 

storing various computer applications in said memory; 
determining which computer applications are stored in said memory; and 
displaying said categories based on said determining which computer applications are 
stored in said memory step. 
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1 1 . (Currently Amended) The method of claim 9, further comprising th e st e ps of : 
selecting another of said categories; and 

displaying said one category in response to said selecting step. 

12. (Original) The method of claim 9, wherein said one category is a sub-category of 
another of said categories. 

13. (New) The system of claim 1, wherein each of said rules is assigned to a respective 
one of said categories based on whether said each rule controls access to an application pertaining 
to said respective one category. 

14. (New) The system of claim 1, wherein each of said categories is assigned only to ones 
of said security rules that affect a respective one of said applications pertaining to said each 
category. 

15. (New) The system of claim 1, wherein said security application, in response to a 
selection of one of said rules, is configured to display help information pertaining to said one rule. 

16. (New) The method of claim 9, wherein said categorizing comprises assigning each of 
said rules to a respective one of said categories in response to a determination that said each rule 
controls access to an application pertaining to said respective one category. 
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17. (New) The method of claim 9, wherein each of said categories pertains to only a 
respective one of said applications. 

18. (New) The method of claim 9, further comprising: 
selecting one of said rules; and 

displaying help information pertaining to said one rule in response to said selecting. 

19. (New) The method of claim 9, further comprising making said selection in response to 
a determination that said one category pertains to said particular application. 



